package com.abing.realm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class MyRealm extends AuthorizingRealm {

    @Override
    public String getName() {
        return "MyRealm";
    }

    //授权操作
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    //认证操作
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        //参数token 表示登陆是包装的usernamePasswordToken
        //获取token中的用户名
        String userName= (String) authenticationToken.getPrincipal();

        //通过用户名查询数据库，将改用户对应数据查询返回，账号与密码
        //假设查询数据库返回数据是:zhangsan  666
        if (!"zhangsan".equals(userName)){
            return null;
        }
        String password="666";
        //info对象表示realm登陆比对信息，参数1：用户信息(真实登陆是登录对象user对象)，参数2：密码； 参数3：当前realm名字
       SimpleAuthenticationInfo info= new SimpleAuthenticationInfo(userName,password,getName());
        return info;
    }
}
